GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,407
Composer 4,950
Erlang 39
GitHub Actions 38
Go 2,605
Maven 6,057
npm 4,250
NuGet 757
pip 4,016
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,227

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

27,279 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An unauthenticated user can connect to a publicly accessible database using arbitrary credentials... Critical Unreviewed

CVE-2025-9313 was published Oct 28, 2025

Email Password Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed

CVE-2025-12363 was published Oct 27, 2025

Weak Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed

CVE-2025-12364 was published Oct 27, 2025

TRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/fileupload endpoint to upload... Critical Unreviewed

CVE-2025-27224 was published Oct 27, 2025

Rox, the software running BeWelcome, contains a PHP object injection vulnerability resulting from... Critical Unreviewed

CVE-2025-34292 was published Oct 27, 2025

An issue was discovered in eTimeTrackLite Web thru 12.0 (20250704). There is a permission control... Critical Unreviewed

CVE-2025-60291 was published Oct 27, 2025

An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute... Critical Unreviewed

CVE-2025-61481 was published Oct 27, 2025

SQL injection vulnerability in the DRED virtual campus platform. This vulnerability allows an... Critical Unreviewed

CVE-2025-41009 was published Oct 27, 2025

The device is running an outdated operating system, which may be susceptible to known... Critical Unreviewed

CVE-2025-10561 was published Oct 27, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in videowhisper Paid... Critical Unreviewed

CVE-2025-62959 was published Oct 27, 2025

Missing Authorization vulnerability in gerritvanaaken Podlove Web Player podlove-web-player... Critical Unreviewed

CVE-2025-62908 was published Oct 27, 2025

Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker... Critical Unreviewed

CVE-2025-62906 was published Oct 27, 2025

Missing Authorization vulnerability in themeshopy TS Demo Importer ts-demo-importer allows... Critical Unreviewed

CVE-2025-62919 was published Oct 27, 2025

Missing Authorization vulnerability in Mark O'Donnell MSTW CSV EXPORTER mstw-csv-exporter allows... Critical Unreviewed

CVE-2025-62944 was published Oct 27, 2025

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart... Critical Unreviewed

CVE-2025-62892 was published Oct 27, 2025

Mail Configuration File Manipulation + Command Execution.This issue affects BLU-IC2: through 1.19... Critical Unreviewed

CVE-2025-12275 was published Oct 26, 2025

Missing Initial Password Change.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed

CVE-2025-12285 was published Oct 26, 2025

Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed

CVE-2025-12218 was published Oct 25, 2025

Malicious / Malformed App can be Installed but not Uninstalled/may lead to unavailability.This... Critical Unreviewed

CVE-2025-12216 was published Oct 25, 2025

Vulnerable Components in Azure Access OS.This issue affects BLU-IC2: through 1.19.5; BLU-IC4:... Critical Unreviewed

CVE-2025-12219 was published Oct 25, 2025

Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU... Critical Unreviewed

CVE-2025-12220 was published Oct 25, 2025

Antabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code... Critical Unreviewed

CVE-2025-60803 was published Oct 24, 2025

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime... Critical Unreviewed

CVE-2025-60554 was published Oct 24, 2025

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime... Critical Unreviewed

CVE-2025-60553 was published Oct 24, 2025

Undocumented administrative accounts were getting created to facilitate access for applications... Critical Unreviewed

CVE-2025-12176 was published Oct 24, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

27,279 advisories